47153 matches found
HTB22897: SQL injection vulnerability in Ripe website manager
Vulnerability ID: HTB22897 Reference: http://www.htbridge.ch/advisory/sqlinjectionvulnerabilityinripewebsitemanager.html Product: Ripe website manager Vendor: Ripe website manager Team http://www.ripewebsitemanager.com/ Vulnerable Version: 1.1 and probably prior versions Vendor Notification: 10...
HTB22896: SQL injection vulnerability in Ripe website manager
Vulnerability ID: HTB22896 Reference: http://www.htbridge.ch/advisory/blindsqlinjectionvulnerabilityinripewebsitemanager.html Product: Ripe website manager Vendor: Ripe website manager Team http://www.ripewebsitemanager.com/ Vulnerable Version: 1.1 and probably prior versions Vendor Notification:...
HTB22898: XSRF (CSRF) in Ripe website manager
Vulnerability ID: HTB22898 Reference: http://www.htbridge.ch/advisory/xsrfcsrfinripewebsitemanager.html Product: Ripe website manager Vendor: Ripe website manager Team http://www.ripewebsitemanager.com/ Vulnerable Version: 1.1 and probably prior versions Vendor Notification: 10 March 2011...
HTB22901: SQL injection in SyndeoCMS
Vulnerability ID: HTB22901 Reference: http://www.htbridge.ch/advisory/sqlinjectioninsyndeocms.html Product: SyndeoCMS Vendor: http://www.syndeocms.org/ http://www.syndeocms.org/ Vulnerable Version: 2.8.02 Vendor Notification: 10 March 2011 Vulnerability Type: SQL injection Risk level: High Credit...
AST-2011-004:
Product Asterisk Summary Remote crash vulnerability in TCP/TLS server Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions Severity Critical Exploits Known No Reported On March 1, 2011 Reported By Blake Cornell [email protected] and Chris Maj [email protected]...
Cisco IPSec information leak
It's possible to check groupname existance...
PHP-Nuke 8.x <= Cross Site Request Forgery (CSRF) / Anti-CSRF Bypass Vulnerability
PHP-Nuke 8.x = Cross Site Request Forgery CSRF / Anti-CSRF Bypass Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower versions are vulnerable to Cross Site Request Forgery CSRF because its Anti-CSRF mechanism Referer Check is found to be broken. 2. BACKGROUND PHP-Nuke is a Web Portal...
libvirt protection bypass
No description provided...
TeX (tex-common) shell characters vulnerability
No description provided...
NGS00016 Technical Advisory: Immunity Debugger Buffer Overflow
======= Summary ======= Name: Immunity Debugger Buffer Overflow Release Date: 22 March 2011 Reference: NGS00016 Discoverer: Paul Harrington Vendor: Immunity Inc Vendor Reference: Support 3171 Systems Affected: Windows Risk: Low Status: Fixed ======== TimeLine ======== Discovered: 28 October 2010...
iDefense Security Advisory 03.21.11: Apple OfficeImport Framework Excel Memory Corruption Vulnerability
iDefense Security Advisory 03.21.11 http://labs.idefense.com/intelligence/vulnerabilities/ Mar 21, 2011 I. BACKGROUND The OfficeImport framework is an API used by Apple's mobile devices, including the iPod Touch, iPhone, and iPad. The framework is used to parse and display Microsoft Office file...
NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability
NSOADV-2011-001: Symantec LiveUpdate Administrator CSRF vulnerability 111101111 11111 00110 00110001111 111111 01 01 1 11111011111111 11111 0 11 01 0 11 1 1 111011001 11111111101 1 11 0110111 1 1111101111 1001 0 1 10 11 0 10 11 1111111 1 111 111001 111111111 0 10 1111 0 11 11 111111111 1 1101 10...
Buffer overflow in libtiff in Imagemagick
--Credits: zgmzgmatmail.ustc.edu.cn -- Disclosure Timeline: 3-17-2011 -- Affected Vendor: Imagemagick 6.6.8-5 Libtiff 6.9.4 -- Problem Description: A buffer overflow is triggered by displaying a malformed tiff image by the Imagemagick.The error information is followed: display: malformed.tif: Wro...
NGS00014 Technical Advisory: Cisco IPSec VPN Implementation Group Name Enumeration
======= Summary ======= Name: Cisco IPSec VPN Implementation Group Name Enumeration Release Date: 22 March 2011 Reference: NGS00014 Discoverer: Gavin Jones Vendor: Cisco Vendor Reference: CSCei51783, CSCtj96108 Systems Affected: ASA 5500 Series Adaptive Security Appliances -Cisco PIX 500 Series...
[SECURITY] [DSA 2194-1] libvirt security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2194-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 18, 2011 http://www.debian.org/security/faq -...
ZDI-11-107: Libtiff ThunderCode Decoder THUNDER_2BITDELTAS Remote Code Execution Vulnerability
ZDI-11-107: Libtiff ThunderCode Decoder THUNDER2BITDELTAS Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-107 March 21, 2011 -- CVE ID: CVE-2011-1167 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Libtiff -- Affected Products: Libtiff libtiff --...
libtiff buffer overflow
Buffer overflow in ThunderCode codec, stack overflow...
HP Client Automation code execution
Code execution with radexecd.exe TCP/3465...
Advantech BroadWin WebAccess multiple security vulnerabilities
Code execution, information leak from TCP/4592 RPC-based service...
IGSS ODBC Server uninitialized pointer free()
Multiple uninitialized pointer dereference conditions...
Asterisk DoS
Connection flood leads to resources exhaustion...
Joomla! 1.6.0 | Information Disclosure/Full Path Disclosure Vulnerability
Joomla! 1.6.0 | Information Disclosure/Full Path Disclosure Vulnerability 1. OVERVIEW Joomla! 1.6.0 is vulnerable to Full Path Disclosure. 2. BACKGROUND Joomla is a free and open source content management system CMS for publishing content on the World Wide Web and intranets. It comprises a...
PHP-Nuke 8.x <= "chng_uid" Blind SQL Injection Vulnerability
PHP-Nuke 8.x = Blind SQL Injection Vulnerability 1. OVERVIEW The administration backend of PHP-Nuke 8.x is vulnerable to Blind SQL Injection. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and...
CMS Balitbang 3.3 Arbitary File Upload Vulnerability
=================================================================== CMS Balitbang v.3.3 Arbitary file upload vulnerability =================================================================== Software: CMS Balitbang Vendor: www.kajianwebsite.org Vuln Type: Arbitary file upload Download link:...
PHP-Nuke 8.x <= Cross Site Scripting Vulnerability
PHP-Nuke 8.x = Cross Site Scripting Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower are vulnerable to Cross Site Scrtipting. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articl...
libcgroup security vulnerabilities
Buffer overflow, privilege escalation...
Heap overflow in RealPlayer 14.0.1.633
Luigi Auriemma Application: RealPlayer http://www.real.com Versions: = 14.0.1.633 Platforms: Windows, Macintosh OSX, Linux, Symbian, Palm Bug: heap overflow Exploitation: remote Date: 21 Mar 2011 found 17 Feb 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction ...
AST-2011-003:
Product Asterisk Summary Resource exhaustion in Asterisk Manager Interface Nature of Advisory Denial of Service Susceptibility Remote Unauthenticated Sessions if manager interface is accessible Severity Moderate Exploits Known No Reported On March 1, 2011 Reported By Blake Cornell...
PHP-Nuke 8.x <= Cross Site Scripting Vulnerability
PHP-Nuke 8.x = Cross Site Scripting Vulnerability 1. OVERVIEW The PHP-Nuke version 8.x and lower are vulnerable to Cross Site Scrtipting. 2. BACKGROUND PHP-Nuke is a Web Portal System or content management system. The goal of PHP-Nuke is to have an automated web site to distribute news and articl...
ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability
ZDI-11-106: Novell Netware NWFTPD.NLM DELE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-106 March 18, 2011 -- CVE ID: CVE-2010-4228 -- CVSS: 9, AV:N/AC:L/Au:S/C:C/I:C/A:C -- Affected Vendors: Novell -- Affected Products: Novell Netware -- TippingPointTM I...
[PRE-SA-2011-02] Information disclosure vulnerability in the OSF partition handling code of the Linux kernel
PRE-CERT Security Advisory ========================== Advisory: PRE-SA-2011-02 Released on: 16 Mar 2011 Last updated on: 16 Mar 2011 Affected product: Linux Kernel 2.4 and 2.6 Impact: disclosure of sensitive information Origin: storage devices Credit: Timo Warns PRESENSE Technologies GmbH CVE...
IBM Lotus Domino Server Controller unauthorized access
User-supplied network file is used for stored user's credentials during TCP/2050 service authentication...
[SECURITY] [DSA 2193-1] libcgroup security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2193-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 16, 2011 http://www.debian.org/security/faq -...
Linux kernel multiple security vulnerabilities
Privilege escalation, multiple information leaks...
ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability
ZDI-11-109: Pwn2Own Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-109 March 22, 2011 -- CVE ID: CVE-2011-1417 -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P -- Affected Vendors: Apple -- Affected Products: Apple Safari --...
HP Discovery &amp; Dependency Mapping Inventory information leak
public community has SNMP read access by default...
XSS, AoF и IAA уязвимости в MC Content Manager
Здравствуйте 3APA3A! Сообщаю вам о найденных мною Cross-Site Scripting уязвимостях в системе MC Content Manager. Это украинская коммерческая CMS. XSS WASC-08: Уязвимости на страницах регистрации и восстановления пароля. http://websecurity.com.ua/uploads/2011/MC20Content20Manager20XSS.html...
RealPlayer buffer overflow
Buffer overflow on IVR files parsing...
SCADA Trojans: Attacking the Grid + Advantech vulnerabilities
Hi! You can download the slides of the research I was presenting at RootedCon'11 in Madrid "SCADA Trojans: Attacking the grid". A journey into attacking the power grid. I presented: - 0days in Advantech/BroadWin WebAccess SCADA product - Weak Design/Vulnerabilities in CSE-Semaphore TBOX RTUs -...
ZDI-11-105: Hewlett-Packard Client Automation radexecd.exe Remote Code Execution Vulnerability
ZDI-11-105: Hewlett-Packard Client Automation radexecd.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-105 March 18, 2011 -- CVE ID: CVE-2011-0889 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...
[SECURITY] [DSA 2198-1] tex-common security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2198-1 [email protected] http://www.debian.org/security/ Nico Golde March 22, 2011 http://www.debian.org/security/faq -...
XSS in Oracle default fcgi-bin/echo
Long ago, I wrote about an XSS vulnerability in Oracle fcgi-bin/echo : http://lists.grok.org.uk/pipermail/full-disclosure/2010-October/076794.html http://www.securityfocus.com/archive/1/514181 The issue may now be fixed in the latest versions of Oracle web servers:...
[USN-1089-1] Linux kernel vulnerabilities
=========================================================== Ubuntu Security Notice USN-1089-1 March 18, 2011 linux, linux-ec2 vulnerabilities CVE-2010-4076, CVE-2010-4077, CVE-2010-4158, CVE-2010-4162, CVE-2010-4163, CVE-2010-4175, CVE-2010-4242...
Progea Movicon TCPUploadServer unauthorized access
It's possible to upload and execute file to arbitrary location...
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc...
[security bulletin] HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory (DDMI) Running on Windows, Insecure SNMP Configuration
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02757867 Version: 1 HPSBMA02647 SSRT100383 rev.1 - HP Discovery & Dependency Mapping Inventory DDMI Running on Windows, Insecure SNMP Configuration NOTICE: The information in this Security Bullet...
IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS
!/usr/bin/python igss.py IGSS 8 ODBC Server Multiple Remote Uninitialized Pointer Free DoS Jeremy Brown / jbrown at patchtuesday dot org Mar 2011 There are multiple remote uninitialized pointer free conditions in IGSS's ODBC server. By sending a specially crafted packet to listening port 20222, i...
ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability
ZDI-11-110: 0day IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-110 March 22, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM -- Affected Products: IBM Lotus Domino --...
Apple HFS+ Information Disclosure Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 VSR Security Advisory http://www.vsecurity.com/ - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Advisory Name: Apple HFS+ Information Disclosure Vulnerability Release Date: 2011-03-22 Application: Apple OS X kernel XN...
ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability
ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-108 March 22, 2011 -- CVE ID: CVE-2011-0176 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Apple -- Affected Products: Apple Preview --...